@中文描述: /* 通过 URL @fs/ftp/a.txt?import&raw?? 访问服务器文件的行为，通常意味着访问了不应公开的目录或文件。为了阻止这种情况，我们需要确保以下几方面的安全性：限制文件访问路径禁止特定的 URL 查询参数加强 Vite 配置的文件系统安全性 */ { name: 'restrict-query-params', @版本: @升级登记:1 @同步后端:0 @同步数据库:0 @同步配置:0 @向下兼容:1

08335 / hivui-platform-template

hivui平台项目模板

Browse code @中文描述: /* 通过 URL @fs/ftp/a.txt?import&raw?? 访问服务器文件的行为，通常意味着访问了不应公开的目录或文件。为了阻止这种情况，我们需要确保以下几方面的安全性：限制文件访问路径禁止特定的 URL 查询参数加强 Vite 配置的文件系统安全性 */ { name: 'restrict-query-params', @版本: @升级登记:1 @同步后端:0 @同步数据库:0 @同步配置:0 @向下兼容:1 master
1 parent c938b0d commit f08e5b8fff3a59d3164185cc352d4f5ddaf8fa74 caibinghong authored 17 days ago

Browse code

@中文描述: /*

通过 URL @fs/ftp/a.txt?import&raw?? 访问服务器文件的行为，通常意味着访问了不应公开的目录或文件。为了阻止这种情况，我们需要确保以下几方面的安全性：
                限制文件访问路径
                禁止特定的 URL 查询参数
                加强 Vite 配置的文件系统安全性
            */
            {
                name: 'restrict-query-params',
@版本:
@升级登记:1
@同步后端:0
@同步数据库:0
@同步配置:0
@向下兼容:1

master

1 parent c938b0d commit f08e5b8fff3a59d3164185cc352d4f5ddaf8fa74

caibinghong authored 17 days ago

Showing 2 changed files

Ignore Space Show notes View package.json
{ "name": "hi-vui-template", "version": "1.1.67", "description": "A hi-vui-template project", "author": "zhcTeam", "scripts": { "rm:vite": "rimraf node_modules/.vite && rimraf node_modules/.cache", "pm2:start": "pm2 -s start processes.json", "dev": "vite --host", "def": "vite --host", "build": "node build/copyBaseAssets.js && cross-env NODE_ENV=production node build/webpack.prod.conf.js", "build:modules": "cross-env NODE_ENV=production node build/webpack.prod.conf.js", "build1": "webpack --mode production --config build/webpack.prod.conf.js", "dll": "webpack --config build/webpack.dll.conf.js", "start": "webpack-dev-server --config build/webpack.dev.conf.js", "copyassets": "node build/copyBaseAssets.js" }, "devDependencies": { "@babel/core": "^7.1.2", "@babel/plugin-proposal-nullish-coalescing-operator": "^7.16.7", "@babel/plugin-proposal-optional-chaining": "^7.16.7", "@babel/plugin-syntax-dynamic-import": "^7.0.0", "@babel/preset-env": "^7.1.0", "@vitejs/plugin-vue-jsx": "^1.3.3", "@vue/babel-helper-vue-jsx-merge-props": "^1.2.1", "@vue/babel-preset-jsx": "^1.2.4", "add-asset-html-webpack-plugin": "^3.2.0", "autoprefixer": "^9.1.5", "babel-loader": "^8.0.4", "babel-plugin-component": "^1.1.1", "babel-plugin-transform-vite-meta-env": "^1.0.3", "caniuse-lite": "^1.0.30001436", "chalk": "^3.0.0", "clean-webpack-plugin": "^0.1.19", "copy-webpack-plugin": "^4.5.3", "cross-env": "^7.0.3", "css-loader": "^1.0.0", "dotenv": "^10.0.0", "file-loader": "^2.0.0", "happypack": "^5.0.1", "html-webpack-plugin": "^4.5.2", "less": "3.0.4", "less-loader": "5.0.0", "mini-css-extract-plugin": "^1.6.2", "node-sass": "4.14.1", "optimize-css-assets-webpack-plugin": "^5.0.1", "parallel-webpack": "^2.6.0", "postcss-import": "^11.1.0", "postcss-loader": "^2.1.6", "postcss-url": "^7.3.2", "progress-bar-webpack-plugin": "^2.1.0", "sass": "1.57.1", "sass-loader": "7.3.1", "style-loader": "^0.23.0", "terser-webpack-plugin": "^4.2.3", "thread-loader": "^3.0.4", "uglifyjs-webpack-plugin": "^2.0.1", "url-loader": "^1.1.1", "vite": "^2.9.15", "vite-plugin-html": "^2.1.1", "vite-plugin-imp": "^2.0.11", "vite-plugin-pagedata": "^1.0.4", "vite-plugin-vue2": "^1.9.0", "vue-loader": "^15.4.2", "vue-template-compiler": "2.6.14", "webpack": "^4.46.0", "webpack-cli": "^4.9.2", "webpack-dev-server": "^3.11.3", "webpack-merge": "^4.1.4" }, "dependencies": { "axios": "0.20.0", "babel-polyfill": "6.26.0", "classnames": "2.3.1", "echarts": "5.2.2", "element-ui": "2.15.3", "enquire.js": "2.1.6", "event-emitter": "^0.3.5", "font-awesome": "4.7.0", "hi-taskcenter": "^1.0.9", "hi-ui": "^1.2.3560", "js-cookie": "3.0.1", "js-md5": "0.7.3", "js-pinyin": "0.1.9", "lodash": "4.17.11", "pinyin-pro": "^3.20.4", "qrcode": "^1.5.3", "screenfull": "6.0.0", "sortablejs": "1.14.0", "v-clipboard": "2.2.3", "vue": "2.6.14", "vue-draggable-resizable": "2.3.0", "vue-gemini-scrollbar": "2.0.1", "vue-jstree": "2.1.6", "vue-router": "3.3.4", "vuex": "3.6.2", "zhc-birt-cmps": "^3.0.32", "zhc-flowchart": "^1.0.20", "zhc-visualstudio": "^1.0.13" }, "preview": { "autoStopTime": 172800 } } { "name": "hi-vui-template", "version": "1.1.66", "description": "A hi-vui-template project", "author": "zhcTeam", "scripts": { "rm:vite": "rimraf node_modules/.vite && rimraf node_modules/.cache", "pm2:start": "pm2 -s start processes.json", "dev": "vite --host", "def": "vite --host", "build": "node build/copyBaseAssets.js && cross-env NODE_ENV=production node build/webpack.prod.conf.js", "build:modules": "cross-env NODE_ENV=production node build/webpack.prod.conf.js", "build1": "webpack --mode production --config build/webpack.prod.conf.js", "dll": "webpack --config build/webpack.dll.conf.js", "start": "webpack-dev-server --config build/webpack.dev.conf.js", "copyassets": "node build/copyBaseAssets.js" }, "devDependencies": { "@babel/core": "^7.1.2", "@babel/plugin-proposal-nullish-coalescing-operator": "^7.16.7", "@babel/plugin-proposal-optional-chaining": "^7.16.7", "@babel/plugin-syntax-dynamic-import": "^7.0.0", "@babel/preset-env": "^7.1.0", "@vitejs/plugin-vue-jsx": "^1.3.3", "@vue/babel-helper-vue-jsx-merge-props": "^1.2.1", "@vue/babel-preset-jsx": "^1.2.4", "add-asset-html-webpack-plugin": "^3.2.0", "autoprefixer": "^9.1.5", "babel-loader": "^8.0.4", "babel-plugin-component": "^1.1.1", "babel-plugin-transform-vite-meta-env": "^1.0.3", "caniuse-lite": "^1.0.30001436", "chalk": "^3.0.0", "clean-webpack-plugin": "^0.1.19", "copy-webpack-plugin": "^4.5.3", "cross-env": "^7.0.3", "css-loader": "^1.0.0", "dotenv": "^10.0.0", "file-loader": "^2.0.0", "happypack": "^5.0.1", "html-webpack-plugin": "^4.5.2", "less": "3.0.4", "less-loader": "5.0.0", "mini-css-extract-plugin": "^1.6.2", "node-sass": "4.14.1", "optimize-css-assets-webpack-plugin": "^5.0.1", "parallel-webpack": "^2.6.0", "postcss-import": "^11.1.0", "postcss-loader": "^2.1.6", "postcss-url": "^7.3.2", "progress-bar-webpack-plugin": "^2.1.0", "sass": "1.57.1", "sass-loader": "7.3.1", "style-loader": "^0.23.0", "terser-webpack-plugin": "^4.2.3", "thread-loader": "^3.0.4", "uglifyjs-webpack-plugin": "^2.0.1", "url-loader": "^1.1.1", "vite": "^2.9.15", "vite-plugin-html": "^2.1.1", "vite-plugin-imp": "^2.0.11", "vite-plugin-pagedata": "^1.0.4", "vite-plugin-vue2": "^1.9.0", "vue-loader": "^15.4.2", "vue-template-compiler": "2.6.14", "webpack": "^4.46.0", "webpack-cli": "^4.9.2", "webpack-dev-server": "^3.11.3", "webpack-merge": "^4.1.4" }, "dependencies": { "axios": "0.20.0", "babel-polyfill": "6.26.0", "classnames": "2.3.1", "echarts": "5.2.2", "element-ui": "2.15.3", "enquire.js": "2.1.6", "event-emitter": "^0.3.5", "font-awesome": "4.7.0", "hi-taskcenter": "^1.0.9", "hi-ui": "^1.2.3560", "js-cookie": "3.0.1", "js-md5": "0.7.3", "js-pinyin":"0.1.9", "lodash": "4.17.11", "pinyin-pro": "^3.20.4", "qrcode": "^1.5.3", "screenfull": "6.0.0", "sortablejs": "1.14.0", "v-clipboard": "2.2.3", "vue": "2.6.14", "vue-draggable-resizable": "2.3.0", "vue-gemini-scrollbar": "2.0.1", "vue-jstree": "2.1.6", "vue-router": "3.3.4", "vuex": "3.6.2", "zhc-birt-cmps": "^3.0.32", "zhc-flowchart": "^1.0.20", "zhc-visualstudio": "^1.0.13" }, "preview": { "autoStopTime": 172800 } }

Ignore Space Show notes View

package.json

{
  "name": "hi-vui-template",
  "version": "1.1.67",
  "description": "A hi-vui-template project",
  "author": "zhcTeam",
  "scripts": {
    "rm:vite": "rimraf node_modules/.vite && rimraf node_modules/.cache",
    "pm2:start": "pm2 -s start processes.json",
    "dev": "vite --host",
    "def": "vite --host",
    "build": "node build/copyBaseAssets.js && cross-env NODE_ENV=production node build/webpack.prod.conf.js",
    "build:modules": "cross-env NODE_ENV=production node build/webpack.prod.conf.js",
    "build1": "webpack --mode production --config build/webpack.prod.conf.js",
    "dll": "webpack --config build/webpack.dll.conf.js",
    "start": "webpack-dev-server --config build/webpack.dev.conf.js",
    "copyassets": "node build/copyBaseAssets.js"
  },
  "devDependencies": {
    "@babel/core": "^7.1.2",
    "@babel/plugin-proposal-nullish-coalescing-operator": "^7.16.7",
    "@babel/plugin-proposal-optional-chaining": "^7.16.7",
    "@babel/plugin-syntax-dynamic-import": "^7.0.0",
    "@babel/preset-env": "^7.1.0",
    "@vitejs/plugin-vue-jsx": "^1.3.3",
    "@vue/babel-helper-vue-jsx-merge-props": "^1.2.1",
    "@vue/babel-preset-jsx": "^1.2.4",
    "add-asset-html-webpack-plugin": "^3.2.0",
    "autoprefixer": "^9.1.5",
    "babel-loader": "^8.0.4",
    "babel-plugin-component": "^1.1.1",
    "babel-plugin-transform-vite-meta-env": "^1.0.3",
    "caniuse-lite": "^1.0.30001436",
    "chalk": "^3.0.0",
    "clean-webpack-plugin": "^0.1.19",
    "copy-webpack-plugin": "^4.5.3",
    "cross-env": "^7.0.3",
    "css-loader": "^1.0.0",
    "dotenv": "^10.0.0",
    "file-loader": "^2.0.0",
    "happypack": "^5.0.1",
    "html-webpack-plugin": "^4.5.2",
    "less": "3.0.4",
    "less-loader": "5.0.0",
    "mini-css-extract-plugin": "^1.6.2",
    "node-sass": "4.14.1",
    "optimize-css-assets-webpack-plugin": "^5.0.1",
    "parallel-webpack": "^2.6.0",
    "postcss-import": "^11.1.0",
    "postcss-loader": "^2.1.6",
    "postcss-url": "^7.3.2",
    "progress-bar-webpack-plugin": "^2.1.0",
    "sass": "1.57.1",
    "sass-loader": "7.3.1",
    "style-loader": "^0.23.0",
    "terser-webpack-plugin": "^4.2.3",
    "thread-loader": "^3.0.4",
    "uglifyjs-webpack-plugin": "^2.0.1",
    "url-loader": "^1.1.1",
    "vite": "^2.9.15",
    "vite-plugin-html": "^2.1.1",
    "vite-plugin-imp": "^2.0.11",
    "vite-plugin-pagedata": "^1.0.4",
    "vite-plugin-vue2": "^1.9.0",
    "vue-loader": "^15.4.2",
    "vue-template-compiler": "2.6.14",
    "webpack": "^4.46.0",
    "webpack-cli": "^4.9.2",
    "webpack-dev-server": "^3.11.3",
    "webpack-merge": "^4.1.4"
  },
  "dependencies": {
    "axios": "0.20.0",
    "babel-polyfill": "6.26.0",
    "classnames": "2.3.1",
    "echarts": "5.2.2",
    "element-ui": "2.15.3",
    "enquire.js": "2.1.6",
    "event-emitter": "^0.3.5",
    "font-awesome": "4.7.0",
    "hi-taskcenter": "^1.0.9",
    "hi-ui": "^1.2.3560",
    "js-cookie": "3.0.1",
    "js-md5": "0.7.3",
    "js-pinyin": "0.1.9",
    "lodash": "4.17.11",
    "pinyin-pro": "^3.20.4",
    "qrcode": "^1.5.3",
    "screenfull": "6.0.0",
    "sortablejs": "1.14.0",
    "v-clipboard": "2.2.3",
    "vue": "2.6.14",
    "vue-draggable-resizable": "2.3.0",
    "vue-gemini-scrollbar": "2.0.1",
    "vue-jstree": "2.1.6",
    "vue-router": "3.3.4",
    "vuex": "3.6.2",
    "zhc-birt-cmps": "^3.0.32",
    "zhc-flowchart": "^1.0.20",
    "zhc-visualstudio": "^1.0.13"
  },
  "preview": {
    "autoStopTime": 172800
  }
}

{
  "name": "hi-vui-template",
  "version": "1.1.66",
  "description": "A hi-vui-template project",
  "author": "zhcTeam",
  "scripts": {
    "rm:vite": "rimraf node_modules/.vite && rimraf node_modules/.cache",
    "pm2:start": "pm2 -s start processes.json",
    "dev": "vite --host",
    "def": "vite --host",
    "build": "node build/copyBaseAssets.js && cross-env NODE_ENV=production node build/webpack.prod.conf.js",
    "build:modules": "cross-env NODE_ENV=production node build/webpack.prod.conf.js",
    "build1": "webpack --mode production --config build/webpack.prod.conf.js",
    "dll": "webpack --config build/webpack.dll.conf.js",
    "start": "webpack-dev-server --config build/webpack.dev.conf.js",
    "copyassets": "node build/copyBaseAssets.js"
  },
  "devDependencies": {
    "@babel/core": "^7.1.2",
    "@babel/plugin-proposal-nullish-coalescing-operator": "^7.16.7",
    "@babel/plugin-proposal-optional-chaining": "^7.16.7",
    "@babel/plugin-syntax-dynamic-import": "^7.0.0",
    "@babel/preset-env": "^7.1.0",
    "@vitejs/plugin-vue-jsx": "^1.3.3",
    "@vue/babel-helper-vue-jsx-merge-props": "^1.2.1",
    "@vue/babel-preset-jsx": "^1.2.4",
    "add-asset-html-webpack-plugin": "^3.2.0",
    "autoprefixer": "^9.1.5",
    "babel-loader": "^8.0.4",
    "babel-plugin-component": "^1.1.1",
    "babel-plugin-transform-vite-meta-env": "^1.0.3",
    "caniuse-lite": "^1.0.30001436",
    "chalk": "^3.0.0",
    "clean-webpack-plugin": "^0.1.19",
    "copy-webpack-plugin": "^4.5.3",
    "cross-env": "^7.0.3",
    "css-loader": "^1.0.0",
    "dotenv": "^10.0.0",
    "file-loader": "^2.0.0",
    "happypack": "^5.0.1",
    "html-webpack-plugin": "^4.5.2",
    "less": "3.0.4",
    "less-loader": "5.0.0",
    "mini-css-extract-plugin": "^1.6.2",
    "node-sass": "4.14.1",
    "optimize-css-assets-webpack-plugin": "^5.0.1",
    "parallel-webpack": "^2.6.0",
    "postcss-import": "^11.1.0",
    "postcss-loader": "^2.1.6",
    "postcss-url": "^7.3.2",
    "progress-bar-webpack-plugin": "^2.1.0",
    "sass": "1.57.1",
    "sass-loader": "7.3.1",
    "style-loader": "^0.23.0",
    "terser-webpack-plugin": "^4.2.3",
    "thread-loader": "^3.0.4",
    "uglifyjs-webpack-plugin": "^2.0.1",
    "url-loader": "^1.1.1",
    "vite": "^2.9.15",
    "vite-plugin-html": "^2.1.1",
    "vite-plugin-imp": "^2.0.11",
    "vite-plugin-pagedata": "^1.0.4",
    "vite-plugin-vue2": "^1.9.0",
    "vue-loader": "^15.4.2",
    "vue-template-compiler": "2.6.14",
    "webpack": "^4.46.0",
    "webpack-cli": "^4.9.2",
    "webpack-dev-server": "^3.11.3",
    "webpack-merge": "^4.1.4"
  },
  "dependencies": {
    "axios": "0.20.0",
    "babel-polyfill": "6.26.0",
    "classnames": "2.3.1",
    "echarts": "5.2.2",
    "element-ui": "2.15.3",
    "enquire.js": "2.1.6",
    "event-emitter": "^0.3.5",
    "font-awesome": "4.7.0",
    "hi-taskcenter": "^1.0.9",
    "hi-ui": "^1.2.3560",
    "js-cookie": "3.0.1",
    "js-md5": "0.7.3",
    "js-pinyin":"0.1.9",
    "lodash": "4.17.11",
    "pinyin-pro": "^3.20.4",
    "qrcode": "^1.5.3",
    "screenfull": "6.0.0",
    "sortablejs": "1.14.0",
    "v-clipboard": "2.2.3",
    "vue": "2.6.14",
    "vue-draggable-resizable": "2.3.0",
    "vue-gemini-scrollbar": "2.0.1",
    "vue-jstree": "2.1.6",
    "vue-router": "3.3.4",
    "vuex": "3.6.2",
    "zhc-birt-cmps": "^3.0.32",
    "zhc-flowchart": "^1.0.20",
    "zhc-visualstudio": "^1.0.13"
  },
  "preview": {
    "autoStopTime": 172800
  }
}

Ignore Space Show notes View vite.config.js
const { resolve } = require('path'); import { defineConfig, loadEnv } from 'vite' import { createVuePlugin } from "vite-plugin-vue2"; import vueJsx from '@vitejs/plugin-vue-jsx' import pageData from "vite-plugin-pagedata" import vitefunc from './vite-plugin/vite-plugin-func' import autoPausePlugin from './vite-plugin/vite-plugin-auto-pause' import { injectHtml } from 'vite-plugin-html'; const pkg = require("./package.json"); // let dependencies = []; // for(let key in pkg.dependencies){ // if(['font-awesome'].indexOf(key)==-1) // dependencies.push(key) // } // console.log('------dependencies------',dependencies) const projectName = pkg.name == 'hi-vui-template' ? 'project' : pkg.name; // https://vitejs.dev/config/ export default ({ mode }) => { process.env = { ...process.env, ...loadEnv(mode, process.cwd()) }; let aliases = {} let build = { sourcemap: false, //编译 //指定多个 .html 文件作为入口点 rollupOptions: { // 请确保外部化那些你的库中不需要的依赖 // external: ['vue'], input: { main: resolve(__dirname, 'index.html'), nested: resolve(__dirname, 'nested/index.html') }, output: { format: 'umd', } } } if (mode == 'development') { aliases = { '@project': resolve(`${projectName}`), '@main': resolve(`${projectName}/hivuiMain`), '@birt': resolve(`${projectName}/hivuiBirt`), '@sam': resolve(`${projectName}/hivuiSam`), 'pinyin': 'js-pinyin', //预览使用全局的vue 'vue':resolve(__dirname,`./build/vite_preview/vue.js`), //预览引用指定目录下的element //开启本地调试时，禁用掉下面这行 'element-ui':resolve(__dirname,`./build/vite_preview/element_ui.js`), //开启本地调试时，启用scp5.0本地调式指定 //'@':resolve(__dirname, './hi-ui/src'), } } const postDataName = "scpRequestData"; return defineConfig({ // 被监听的包必须被排除在优化之外， // 预览时,预编译这些包,以防vite 启动后,浏览器通过自动模块加载导致刷新页面 optimizeDeps:{ //预编译加载这些，提升速度 include: [ 'axios', 'babel-polyfill', 'classnames', 'echarts', 'enquire.js', 'js-cookie', 'js-md5', 'js-pinyin', 'lodash','lodash/findIndex','lodash/cloneDeep','lodash/isPlainObject','lodash/defaultsDeep','lodash/bind', 'screenfull', 'sortablejs', 'vue', 'vue-draggable-resizable', 'vue-gemini-scrollbar', 'vue-jstree', //以下第一次预览时启动不了 // 'hi-ui','hi-taskcenter','zhc-flowchart','zhc-birt-cmps ], // 排除 // exclude: [] }, build: build, define: { 'process.env': { /** * 启用时在入口页中，有一段以下代码，因为ELEMENT有全局、import、两次，所以在调试hiui时，在初始化一次才行 if(process.env.hiui_debug){ //这样多次引用element //hiui调试时用 Vue.use(ELEMENT) } * / //开启本地调试时，启用 hiui_debug:false //配合 webpack 环境，在vite 下定义一个空的 } }, css: { preprocessorOptions: { less: { javascriptEnabled: true, } }, }, resolve: { extensions: ['.mjs', '.js', '.ts', '.jsx', '.tsx', '.json', '.vue', '.dtvevt', '.dtv','.dvue','.es6'], alias: aliases, }, plugins: [ / 通过 URL @fs/ftp/a.txt?import&raw?? 访问服务器文件的行为，通常意味着访问了不应公开的目录或文件。为了阻止这种情况，我们需要确保以下几方面的安全性：限制文件访问路径禁止特定的 URL 查询参数加强 Vite 配置的文件系统安全性 / { name: 'restrict-query-params', configureServer(server) { server.middlewares.use((req, res, next) => { const url = req.url; //攻击读取文件 ftp/a.txt http://192.168.18.161:3000/@fs/ftp/a.txt?import&raw?? if (url && (url.includes('?import') \|\| url.includes('?raw'))) { res.statusCode = 403; res.end('Forbidden'); return; } next(); }); } }, pkg.preview&&pkg.preview.autoStopTime>0?autoPausePlugin():null, vitefunc({ varName: postDataName, global: { env: 'dev' }, htmlWebpackPlugin: { vite: true, project: projectName, mode: mode } }), injectHtml({ // 向预览时注入变量，这个变量跟打包时 html-webpack-plugin 注入的一致，用户判断是否是编译状态 injectData: { htmlWebpackPlugin: { vite: true, project: projectName, mode: mode } } }), pageData({ varName: postDataName, global: { env: 'dev' }, }), createVuePlugin({ include:/\.(dvue\|vue)$/ }), vueJsx({ // options are passed on to @vue/babel-plugin-jsx }), //影响到eap.umd.min.js 里的require ELEMENT 全局 // requireTransform({ // fileRegex:/.ts$\|.tsx$\|.vue$\|.js$\|.jsx$/ // }) ], server: { fs: { strict: true,//限制为工作区 root 路径以外的文件的访问 allow: [ './public', // resolve(__dirname, '.'),// 允许为项目想目录的上一级提供服务 ] }, hmr:{ overlay:false,//不遮罩输出错误信息，但输出控制台 } }, }) }; const { resolve } = require('path'); import { defineConfig, loadEnv } from 'vite' import { createVuePlugin } from "vite-plugin-vue2"; import vueJsx from '@vitejs/plugin-vue-jsx' import pageData from "vite-plugin-pagedata" import vitefunc from './vite-plugin/vite-plugin-func' import autoPausePlugin from './vite-plugin/vite-plugin-auto-pause' import { injectHtml } from 'vite-plugin-html'; const pkg = require("./package.json"); // let dependencies = []; // for(let key in pkg.dependencies){ // if(['font-awesome'].indexOf(key)==-1) // dependencies.push(key) // } // console.log('------dependencies------',dependencies) const projectName = pkg.name == 'hi-vui-template' ? 'project' : pkg.name; // https://vitejs.dev/config/ export default ({ mode }) => { process.env = { ...process.env, ...loadEnv(mode, process.cwd()) }; let aliases = {} let build = { sourcemap: false, //编译 //指定多个 .html 文件作为入口点 rollupOptions: { // 请确保外部化那些你的库中不需要的依赖 // external: ['vue'], input: { main: resolve(__dirname, 'index.html'), nested: resolve(__dirname, 'nested/index.html') }, output: { format: 'umd', } } } if (mode == 'development') { aliases = { '@project': resolve(`${projectName}`), '@main': resolve(`${projectName}/hivuiMain`), '@birt': resolve(`${projectName}/hivuiBirt`), '@sam': resolve(`${projectName}/hivuiSam`), 'pinyin': 'js-pinyin', //预览使用全局的vue 'vue':resolve(__dirname,`./build/vite_preview/vue.js`), //预览引用指定目录下的element //开启本地调试时，禁用掉下面这行 'element-ui':resolve(__dirname,`./build/vite_preview/element_ui.js`), //开启本地调试时，启用scp5.0本地调式指定 //'@':resolve(__dirname, './hi-ui/src'), } } const postDataName = "scpRequestData"; return defineConfig({ // 被监听的包必须被排除在优化之外， // 预览时,预编译这些包,以防vite 启动后,浏览器通过自动模块加载导致刷新页面 optimizeDeps:{ //预编译加载这些，提升速度 include: [ 'axios', 'babel-polyfill', 'classnames', 'echarts', 'enquire.js', 'js-cookie', 'js-md5', 'js-pinyin', 'lodash','lodash/findIndex','lodash/cloneDeep','lodash/isPlainObject','lodash/defaultsDeep','lodash/bind', 'screenfull', 'sortablejs', 'vue', 'vue-draggable-resizable', 'vue-gemini-scrollbar', 'vue-jstree', //以下第一次预览时启动不了 // 'hi-ui','hi-taskcenter','zhc-flowchart','zhc-birt-cmps ], // 排除 // exclude: [] }, build: build, define: { 'process.env': { /* * 启用时在入口页中，有一段以下代码，因为ELEMENT有全局、import、两次，所以在调试hiui时，在初始化一次才行 if(process.env.hiui_debug){ //这样多次引用element //hiui调试时用 Vue.use(ELEMENT) } * */ //开启本地调试时，启用 hiui_debug:false //配合 webpack 环境，在vite 下定义一个空的 } }, css: { preprocessorOptions: { less: { javascriptEnabled: true, } }, }, resolve: { extensions: ['.mjs', '.js', '.ts', '.jsx', '.tsx', '.json', '.vue', '.dtvevt', '.dtv','.dvue','.es6'], alias: aliases, }, plugins: [ pkg.preview&&pkg.preview.autoStopTime>0?autoPausePlugin():null, vitefunc({ varName: postDataName, global: { env: 'dev' }, htmlWebpackPlugin: { vite: true, project: projectName, mode: mode } }), injectHtml({ // 向预览时注入变量，这个变量跟打包时 html-webpack-plugin 注入的一致，用户判断是否是编译状态 injectData: { htmlWebpackPlugin: { vite: true, project: projectName, mode: mode } } }), pageData({ varName: postDataName, global: { env: 'dev' }, }), createVuePlugin({ include:/\.(dvue\|vue)$/ }), vueJsx({ // options are passed on to @vue/babel-plugin-jsx }), //影响到eap.umd.min.js 里的require ELEMENT 全局 // requireTransform({ // fileRegex:/.ts$\|.tsx$\|.vue$\|.js$\|.jsx$/ // }) ], server: { hmr:{ overlay:false,//不遮罩输出错误信息，但输出控制台 } }, }) };

Ignore Space Show notes View

vite.config.js

const { resolve } = require('path');
import { defineConfig, loadEnv } from 'vite'
import { createVuePlugin } from "vite-plugin-vue2";
import vueJsx from '@vitejs/plugin-vue-jsx'
import pageData from "vite-plugin-pagedata"
import vitefunc from './vite-plugin/vite-plugin-func'
import autoPausePlugin from './vite-plugin/vite-plugin-auto-pause'
import { injectHtml } from 'vite-plugin-html';

const pkg = require("./package.json");

// let dependencies = [];
// for(let key in pkg.dependencies){
//     if(['font-awesome'].indexOf(key)==-1)
//     dependencies.push(key)
// }
// console.log('------dependencies------',dependencies)

const projectName = pkg.name == 'hi-vui-template' ? 'project' : pkg.name;

// https://vitejs.dev/config/
export default ({ mode }) => {
    process.env = { ...process.env, ...loadEnv(mode, process.cwd()) };
    let aliases = {}
    let build = {
        sourcemap: false,
        //编译
        //指定 多个 .html 文件作为入口点
        rollupOptions: {
            // 请确保外部化那些你的库中不需要的依赖
            // external: ['vue'],
            input: {
                main: resolve(__dirname, 'index.html'),
                nested: resolve(__dirname, 'nested/index.html')
            },
            output: {
                format: 'umd',
            }
        }
    }
    if (mode == 'development') {
        aliases = {
            '@project': resolve(`${projectName}`),
            '@main': resolve(`${projectName}/hivuiMain`),
            '@birt': resolve(`${projectName}/hivuiBirt`),
            '@sam': resolve(`${projectName}/hivuiSam`),
            'pinyin': 'js-pinyin',
            //预览使用全局的vue
            'vue':resolve(__dirname,`./build/vite_preview/vue.js`),
            //预览引用指定目录下的element
            //开启本地调试时，禁用掉下面这行
            'element-ui':resolve(__dirname,`./build/vite_preview/element_ui.js`),
            //开启本地调试时，启用scp5.0本地调式指定
            //'@':resolve(__dirname, './hi-ui/src'),
        }
    }
    const postDataName = "scpRequestData";
    return defineConfig({
        // 被监听的包必须被排除在优化之外，
        // 预览时,预编译这些包,以防vite 启动后,浏览器通过自动模块加载导致刷新页面
        optimizeDeps:{
            //预编译加载这些，提升速度
            include: [
                'axios',
                'babel-polyfill',
                'classnames',
                'echarts',
                'enquire.js',
                'js-cookie',
                'js-md5',
                'js-pinyin',
                'lodash','lodash/findIndex','lodash/cloneDeep','lodash/isPlainObject','lodash/defaultsDeep','lodash/bind',
                'screenfull',
                'sortablejs',
                'vue',
                'vue-draggable-resizable',
                'vue-gemini-scrollbar',
                'vue-jstree',
                //以下第一次预览时启动不了
                // 'hi-ui','hi-taskcenter','zhc-flowchart','zhc-birt-cmps
            ],
            // 排除
            // exclude: []
        },
        build: build,
        define: {
            'process.env': {
                /**
                 * 启用时在入口页中，有一段以下代码，因为ELEMENT有全局、import、两次，所以在调试hiui时，在初始化一次才行
                    if(process.env.hiui_debug){
                        //这样多次引用element
                        //hiui调试时用
                        Vue.use(ELEMENT)
                    }
                 *
                 */
                //开启本地调试时，启用
                hiui_debug:false
                //配合 webpack 环境，在vite 下定义一个空的
            }
        },
        css: {
            preprocessorOptions: {
                less: {
                    javascriptEnabled: true,
                }
            },
        },
        resolve: {
            extensions: ['.mjs', '.js', '.ts', '.jsx', '.tsx', '.json', '.vue', '.dtvevt', '.dtv','.dvue','.es6'],
            alias: aliases,
        },
        plugins: [
            /*
                通过 URL @fs/ftp/a.txt?import&raw?? 访问服务器文件的行为，通常意味着访问了不应公开的目录或文件。为了阻止这种情况，我们需要确保以下几方面的安全性：
                限制文件访问路径
                禁止特定的 URL 查询参数
                加强 Vite 配置的文件系统安全性
            */
            {
                name: 'restrict-query-params',
                configureServer(server) {
                  server.middlewares.use((req, res, next) => {
                    const url = req.url;
                    //攻击读取文件 ftp/a.txt   http://192.168.18.161:3000/@fs/ftp/a.txt?import&raw??  
                    if (url && (url.includes('?import') || url.includes('?raw'))) {
                      res.statusCode = 403;
                      res.end('Forbidden');
                      return;
                    }
                    next();
                  });
                }
            },
            pkg.preview&&pkg.preview.autoStopTime>0?autoPausePlugin():null,
            vitefunc({
                varName: postDataName,
                global: {
                    env: 'dev'
                },
                htmlWebpackPlugin: {
                    vite: true,
                    project: projectName,
                    mode: mode
                }
            }),
            injectHtml({
                // 向预览时注入变量，这个变量跟打包时 html-webpack-plugin 注入的一致，用户判断是否是编译状态
                injectData: {
                    htmlWebpackPlugin: {
                        vite: true,
                        project: projectName,
                        mode: mode
                    }
                }
            }),
            pageData({
                varName: postDataName,
                global: {
                    env: 'dev'
                },
            }),
            createVuePlugin({
                include:/\.(dvue|vue)$/
            }),
            vueJsx({
                // options are passed on to @vue/babel-plugin-jsx
            }),
            //影响到eap.umd.min.js 里的require ELEMENT 全局
            // requireTransform({
            //     fileRegex:/.ts$|.tsx$|.vue$|.js$|.jsx$/
            // })
        ],
        server: {
            fs: {
                strict: true,//限制为工作区 root 路径以外的文件的访问
                allow: [
                    './public',
                    // resolve(__dirname, '.'),// 允许为项目想目录的上一级提供服务
                ]
            },
            hmr:{
                overlay:false,//不遮罩输出错误信息，但输出控制台
            }
        },
    })

};

const pkg = require("./package.json");

// let dependencies = [];
// for(let key in pkg.dependencies){
//     if(['font-awesome'].indexOf(key)==-1)
//     dependencies.push(key)
// }
// console.log('------dependencies------',dependencies)

const projectName = pkg.name == 'hi-vui-template' ? 'project' : pkg.name;

// https://vitejs.dev/config/
export default ({ mode }) => {
    process.env = { ...process.env, ...loadEnv(mode, process.cwd()) };
    let aliases = {}
    let build = {
        sourcemap: false,
        //编译
        //指定 多个 .html 文件作为入口点
        rollupOptions: {
            // 请确保外部化那些你的库中不需要的依赖
            // external: ['vue'],
            input: {
                main: resolve(__dirname, 'index.html'),
                nested: resolve(__dirname, 'nested/index.html')
            },
            output: {
                format: 'umd',
            }
        }
    }
    if (mode == 'development') {
        aliases = {
            '@project': resolve(`${projectName}`),
            '@main': resolve(`${projectName}/hivuiMain`),
            '@birt': resolve(`${projectName}/hivuiBirt`),
            '@sam': resolve(`${projectName}/hivuiSam`),
            'pinyin': 'js-pinyin',
            //预览使用全局的vue
            'vue':resolve(__dirname,`./build/vite_preview/vue.js`),
            //预览引用指定目录下的element
            //开启本地调试时，禁用掉下面这行
            'element-ui':resolve(__dirname,`./build/vite_preview/element_ui.js`),
            //开启本地调试时，启用scp5.0本地调式指定
            //'@':resolve(__dirname, './hi-ui/src'),
        }
    }
    const postDataName = "scpRequestData";
    return defineConfig({
        // 被监听的包必须被排除在优化之外，
        // 预览时,预编译这些包,以防vite 启动后,浏览器通过自动模块加载导致刷新页面
        optimizeDeps:{
            //预编译加载这些，提升速度
            include: [
                'axios',
                'babel-polyfill',
                'classnames',
                'echarts',
                'enquire.js',
                'js-cookie',
                'js-md5',
                'js-pinyin',
                'lodash','lodash/findIndex','lodash/cloneDeep','lodash/isPlainObject','lodash/defaultsDeep','lodash/bind',
                'screenfull',
                'sortablejs',
                'vue',
                'vue-draggable-resizable',
                'vue-gemini-scrollbar',
                'vue-jstree',
                //以下第一次预览时启动不了
                // 'hi-ui','hi-taskcenter','zhc-flowchart','zhc-birt-cmps
            ],
            // 排除
            // exclude: []
        },
        build: build,
        define: {
            'process.env': {
                /**
                 * 启用时在入口页中，有一段以下代码，因为ELEMENT有全局、import、两次，所以在调试hiui时，在初始化一次才行
                    if(process.env.hiui_debug){
                        //这样多次引用element
                        //hiui调试时用
                        Vue.use(ELEMENT)
                    }
                 *
                 */
                //开启本地调试时，启用
                hiui_debug:false
                //配合 webpack 环境，在vite 下定义一个空的
            }
        },
        css: {
            preprocessorOptions: {
                less: {
                    javascriptEnabled: true,
                }
            },
        },
        resolve: {
            extensions: ['.mjs', '.js', '.ts', '.jsx', '.tsx', '.json', '.vue', '.dtvevt', '.dtv','.dvue','.es6'],
            alias: aliases,
        },
        plugins: [
            pkg.preview&&pkg.preview.autoStopTime>0?autoPausePlugin():null,
            vitefunc({
                varName: postDataName,
                global: {
                    env: 'dev'
                },
                htmlWebpackPlugin: {
                    vite: true,
                    project: projectName,
                    mode: mode
                }
            }),
            injectHtml({
                // 向预览时注入变量，这个变量跟打包时 html-webpack-plugin 注入的一致，用户判断是否是编译状态
                injectData: {
                    htmlWebpackPlugin: {
                        vite: true,
                        project: projectName,
                        mode: mode
                    }
                }
            }),
            pageData({
                varName: postDataName,
                global: {
                    env: 'dev'
                },
            }),
            createVuePlugin({
                include:/\.(dvue|vue)$/
            }),
            vueJsx({
                // options are passed on to @vue/babel-plugin-jsx
            }),
            //影响到eap.umd.min.js 里的require ELEMENT 全局
            // requireTransform({
            //     fileRegex:/.ts$|.tsx$|.vue$|.js$|.jsx$/
            // })
        ],
        server: {
            hmr:{
                overlay:false,//不遮罩输出错误信息，但输出控制台
            }
        },
    })

};

Show line notes below